The problem that the present invention proposes to solve can be illustrated by the following example. FIG. 1 represents a building belonging to a private company, with the following different areas, each area associated with a specific security level: a lobby, a briefing center, an open space, and a security center. The lobby, with a security level Z0, is a public area where anybody has access to. The briefing center, with a security level Z1, is an area of limited security, accessible to the customers of the company, wherein access to the briefing center is granted for the people holding a badge. The open space, with a security level Z2, is an area of high security, only accessible to the employees of the company, wherein access to the open space is granted for the people holding a badge. The security center, with a security level Z3, is an area of very high security, only accessible to security staff and authorized company personal, wherein access to the security center is granted for the people holding a badge.
The building layout does not allow all transitions between the different areas, and hence between the different security levels. With the previous building layout, conventional access techniques define different security levels, according to a given hierarchy, so that a badge can give access either to the level Z1 only, or to the levels Z0 and Z1, or to the levels Z0, Z1 and Z2, or to all the levels Z0 through Z3. With such a scheme, some security breaches are difficult to avoid, as shown with the following examples: any stolen badge granting access to a security level Zi can be used for fraudulently accessing areas with a security level lower than or equal to Zi; extended (and therefore suspicious) stay within a given area can't be easily detected; an attempt to move from security level Z3 to security level Z0 without passing through the security level Z2 can't be detected; update of access granting for a given area requires recalling all the badges giving access to this area.
Other examples can be identified for similar situations, where the system managing access to the different areas of a company building does not take into account the characteristics of the building layout and of the internal company security policy. Such characteristics can for instance dictate the following rules: staying within a given area for a duration above a predetermined threshold is a suspicious behavior; transition from a first given area to a second given area without passing through a third given area (typically a security “airlock”) is a suspicious behavior; access code recorded on badges must be regularly updated to avoid stolen or duplicated badges granting access to malicious people
All these types of constraints, such as the constraints illustrated in FIG. 1 or the ones illustrated by the former rule list are not properly and efficiently addressed by conventional means.